Security
you can trust

The security of your data and the integrity of our systems is important to us. You can trust that we take careful measures to ensure your data is as safe as possible.

Certified Secure

QuickNode has received the SOC 2 certification for achieving and exceeding security standards, guaranteeing best in class blockchain infrastructure.


  • SOC 2 Certification
  • Type 1: Point in Time
  • 12.31.2021
AICPA Security Certificate

Website & Applications

We use best in class frameworks and software to ensure our web application is safe and secure for you

  • Secure transport All data is encrypted in transit and at rest so you don't need to worry about your personal information being leaked
  • Network segmentation Application credentials are hashed and isolated from the rest of the product
  • DDoS protection Important actions are rate limited to prevent DDoS attacks
  • SQL injection protection Requests are verified and filtered for SQL injections to prevent CSRF attacks
  • Data integrity measures Attributes are whitelisted on all models to prevent mass-assignment vulnerabilities

API & Infrastructure

The steps we take to ensure data correctness and availability

  • We never touch private keys Private keys are never stored so you're never at risk of having your funds stolen
  • Regular backups keep chains in sync Backups are performed regularly so no node is ever too far behind the tip of the chain
  • Trusted peer list Only trusted peers are used so we can maintain a large degree of confidence in our data’s accuracy

Audits

We use 3rd party auditors to verify our security

  • Continuous vulnerability monitoring Continuous software vulnerability scans directly integrated within our software development process
  • Annual penetration testing Third party audits are performed on our entire system to look for vulnerabilities

Operations

We use industry standards to keep our systems safe

  • Background checks Employees go through a rigerous screening process including a criminal background check
  • Multi-factor authentication and more Employees are required to encrypt their hard drives, utilize strong passwords, use 2FA, and enable screen locking.

Responsible Disclosure

Vulnerabilities are taken seriously & addressed promptly.

Report a vulnerability